We may earn a commission when you make a purchase via links on this site.

What is AES Encryption? And How Does It Work?

By Tibor Moes / September 2022

What is AES Encryption? And How Does It Work?

What is AES Encryption

Any industry that takes cyber security seriously implements the advanced encryption standard (AES). It helps prevent hackers from accessing sensitive data, allowing visitors to explore various platforms safely.

But how exactly does this encryption standard work, and how does it shield data stored on certain networks? The following AES encryption guide will provide the answers.

Summary: AES encryption is a process that conceals sensitive data using approved 256-bit, 192-bit, or 128-bit encryption algorithms. The other name for the standard is FIPS 197.  The system is used for protecting sensitive government information and in security software, like Virtual Private Networks and Password Managers. Due to its importance, it’s managed by the National Institute of Standards and Technology (NIST).

Tip: Don’t take risks online. Protect your devices against malware with antivirus software and encrypt your online privacy with a VPN.

How does an AES Encryption Algorithm Work?

An AES encryption algorithm features block ciphers to both encrypt and decrypt information. The procedure creates ciphertext – an unreadable version of plain text. The real message can’t be revealed until a user uses a secret key to decipher it.

The process used to decrypt messages can have 256-bit, 192-, and 128-bit key lengths.

In AES communication, the senders and recipients share the same secret key. They use this information to convert ciphertext into readable text. Hackers can intercept the key, but they wouldn’t be able to read the message since there’s no way to decipher it. That’s why only the senders and recipients should know the cryptographic keys.

This is the basic explanation of the advanced encryption standard, but let’s break it down to help you understand it better.

Initially, the system divides sensitive information into blocks. There are multiple ways to organize the data, but most networks use the 128-bit key size.

After the division, the data undergoes several modifications:

Key Expansion

This process develops a new type of key – a round key. Each round creates another round key using a special system called Rijndael’s key schedule.

Regardless of your initial phrase, the key schedule turns it into a series of jumbled numbers and characters. However, the characters aren’t entirely random because the system uses a specific process to code each symbol. The encryption process won’t need this set for the time being, but it’ll be crucial later.

Round Key Integration

During this stage, the system inserts the original round key into the data mix that’s been divided. It’s also the first instance of encryption.

Here, algorithms add the original key to the phrase, which was already transformed into a block. Including two more text blocks may seem impossible, but that’s not the case in this system.

Remember, AES encryption utilizes binary code. What you see on the screen at this phase is just a visual representation of the binary process. Therefore, the procedure puts out another set of ciphers after incorporating the pair of blocks.

Byte Substitution

This is when every byte is substituted with a new one, depending on the network’s substitution box. Rijndael’s key schedule is also used here, as it provides a pre-established matrix for the substitution.

Shifting Rows

This stage involves moving the rows of the divided information to make way for new information. The first one stays put, but the others are rejigged.

For example, the algorithm moves the second row one byte to the left, whereas the third one shifts two bytes to the left. The final row is relocated three bytes to the same side.

Mixing Columns

The system uses a pre-determined matrix to create new blocks of code. The action multiplies the column by the matrix to provide another code block. It’s a complex process that involves advanced mathematics.

Round Key Integration

The network introduces one more round key to the columns. However, it doesn’t produce the key from scratch – it merely applies the key created in the expansion section.

The key is incorporated into the block after the system has been mixed according to the matrix. This gives the administrator more code, which undergoes further modifications.


Each AES encryption involves the above steps, but the procedure isn’t finished yet. It needs to be repeated several times.

Here’s how many times the system reiterates this process, depending on the encryption key length:

· 128-bit keys – 9 times

· 192-bit keys – 11 times

· 256-bit keys – 13 times

There’s also a specific number of transformation rounds. Again, it depends on the encryption key length:

· 128-bit keys – 10 rounds 

· 192-bit keys – 12 rounds

· 256-bit keys – 14 rounds

Administrators can also combine AES encryption with other cryptographic key combinations to bolster their encryption methods. This creates a virtually impenetrable secret key that thwarts malicious actors. It’s used by the National Security Agency (NSA) and other high-level organizations.

AES Encryption Types

As previously discussed, there are three types of AES encryption: 256-bit, 192-bit, and 128-bit systems. Let’s discuss each procedure in detail.

128-Bit Encryption

128-bit AES encryption hides plaintext data with 128-bit key lengths. It features 10 transformations to transform standard text into ciphertext. The process may also describe fixed block sizes of this encryption algorithm.

Even though the key lengths vary (128,192, 256), block sizes are always 128 bits.

As the system features fewer encryption rounds, it’s less secure than its 192 and 256-bit counterparts. Nevertheless, this doesn’t mean it can’t protect information adequately. This code is yet to be cracked and is used by the government to hide classified data. Hence, it’s basically impenetrable and takes years to break through brute force attacks.

192-Bit Encryption

Encrypting information with 192-bit coding requires the administrator to conceal plaintext with a key that’s 192 bits long. This process features 12 transformations and is often used by national agencies to shield government data.

The system is more secure than 128-bit encryption. Along with 256-bit versions, it’s the only key length approved for protecting top-secret information.

Most users are happy with 128-bit encryption when shielding their data, but agencies facing constant hacking threats opt for higher key lengths. The 192-bit version is a reliable coding system that further reduces the risk of data breaches. It requires brute force attackers to dig deeper, and they rarely have the technology necessary to crack the blocks quickly enough.

256-Bit Encryption

Like the previous two versions, 256-bit encryption uses a specific key length to hide plaintext data. In this case, the keys are 256 bits long.

This is the largest and most complex procedure, making it the hardest to crack. It consists of 14 transformations, which is why it’s nearly impossible to break.

Due to such complexity, some people refer to this encryption as an overkill. According to some estimates, it can take billions of years to crack this block with regular attacks.

What Are the Features of the AES Encryption Process?

An AES encryption algorithm can have varying structures. However, all codes share certain features:

· Service provider (SP) network – The encryption and decryption use a robust SP network rather than Feistel ciphers.

· Key expansion – The network comes up with one initial key and later expands it to several keys.

· Byte data – Algorithms operate with byte data and not bit data. Therefore, it treats 128-bit AES key length as 16 bytes throughout the procedure.

· Key length – The system needs to carry out a specific number of rounds. It hinges on the key lengths used for data encryption.

AES Encryption Examples

Many applications, networks, and devices use AES encryption to code information. One of the most popular examples is the MX500 SATA SSD. This Crucial hardware utilizes a 256-bit block size to provide reliable encryption and keep cybercriminals at bay.

Another famous example is Samsung 860 EVO SSD. Like the previous device, this hardware features a 256-bit block cipher to safeguard information.

WhatsApp messages are also worth noting. The app receives a lot of praise for its secure communication, as it’s encrypted with a 256-bit block cipher.

Google Cloud is just as safe. All data is protected with a 256-bit system since the NIST recommends it to ensure the highest customer satisfaction.

Here are a few other instances of AES encryption:

· BitLocker (by Microsoft Windows) – 256-bit and 128-bit ciphers

· Trusted Computing Group – 256-bit length

· NSA – 256-bit blocks

· Password managers (e.g., LastPass) – 256-bit ciphers

· VPNs – The primary duty of VPNs is to establish a secure connection to online servers. As a result, they need to protect you from hackers and other threats, so they bolster their system with AES encryption. Most platforms use the 256-bit version (e.g., ExpressVPN, Surfshark, and NordVPN).

· Wi-Fi – Wireless connections also rely on AES algorithms. Usually coupled with WPA2, they allow you to connect your device to a Wi-Fi network more confidently. This isn’t the only protection providers use, but it’s the most dependable one.

· Compression and archive tools – The best file compression and archive programs prevent data leaks with AES, including WinZip, RAR, and 7z. They typically run 256-bit blocks.

· Mobile application – Facebook, Messenger, Snapchat, and other popular apps send your information safely through an AES-based system. Otherwise, virtually anyone could get their hands on your messages and images.

· Programming language libraries – C++, Python, Java, and most other coding language libraries implement AES to safeguard against information theft.

· OE system parts – File systems and other parts of your operating system add a safety layer through AES.

What’s the Difference Between 128-Bit and 256-Bit Encryption?

AES is considered safe against most hacking attempts. A perpetrator can use numerous key combinations, but this process takes too long. The encryption keys are too long to be cracked by computers, even if malicious actors used advanced processors with unrivaled speed.

That said, not every AES encryption offers the same level of protection. More specifically, 256-bit versions are much more difficult to break than their 128-bit counterparts.

The only downside of 256-bit keys is that they require tremendous processing powers to generate and manage. Executing them is even more challenging.

Thus, if organizations have limited power on their small devices or face recurring latency issues, 128-bit keys might be a better choice. They’re easier to set up and require minimal resources.

Nonetheless, both types have one thing in common – they’re practically impossible to crack. Even if you use the shorter version, attackers will need an unimaginable amount of computer power that can’t be achieved in the foreseeable future. In other words, they would need quantum computing, which is yet to be developed.

Does this mean your system is 100% safe after implementing AES encryption? Unfortunately, the answer is no.

Cybercriminals can still penetrate your network. They understand they can’t make their way to your system by targeting your AES encryption, but they can use other gateways. That’s why you need to ensure the rest of your software works correctly. It should have robust features to protect your data and patch up any weak points.

In addition, you can’t have any uncertainty or gray areas about your data handling and storage. For instance, if your information lies in a cloud-based platform, you need to know the exact location of your cloud. It shouldn’t be shared with third parties and, if possible, you want to protect it with a password.

Lastly, other components of cyber security (VPNs, antiviruses, etc.) should be user-friendly. This ensures everyone on your network knows how to implement these systems to deter hackers.

What’s the Difference Between RSA and AES?

AES isn’t the only encryption algorithm organizations use to protect data stored on their network. You can also come across the Rivest-Shamir-Adleman (RSA) arrangement.

On the one hand, administrators most commonly use AES to shield their information at rest. The most frequent applications include storage encryption, database encryption, and self-encrypting disk drives. It also utilizes a symmetric block cipher (a single key both encrypts and decrypts messages).

On the other hand, the RSA is generally used to secure connections to websites, VPNs, and similar applications. This encryption standard lies at the core of most asymmetric encryption arrangements. It involves two keys to address potential intrusion attempts.

The two keys aren’t the same. One of them is private, and the other one is public. If they’re part of a public network, you can only decrypt the message with a corresponding public key and vice versa. In most cases, administrators set up RSA encryption if the network has two endpoints.

Although RSA algorithms work great for shielding data transfer across various geographic boundaries, their performance is poor. The solution is simple – combine them with AES models to reap the benefits of both arrangements. By generating temporary AES keys and shielding them with RSA encryption, the administrators get a high-performing yet secure network.

What’s the Difference Between DES and AES?

The data encryption standard (DES) was developed nearly 50 years ago. It helped the government ensure all systems featured the same safety algorithms when connecting to each other.

DES was the main cryptography method until the end of the 20th century when researchers used an advanced computer system to break the 56-bit key. The government switched to AES in 2000 to protect classified data better. However, they still used DES sometimes to check backward compatibility.

DES and AES are symmetric encryption technologies, but the latter is more efficient due to various key lengths. Whether an organization uses the 128, 192, or 256-bit option, it takes a long time to crack it. By contrast, hackers can break the 56-bit DES cipher much more easily. This makes AES the more robust solution.

Additionally, AES is faster than DES encryption. That’s why organizations prefer this encryption for hardware, firmware, and applications that need a low-latency operation.

The NIST hasn’t been using or recommending DES for protecting information since 2005. It’s been withdrawn and replaced by AES as the modern encryption gold standard.

Even if you use triple DES (DES’s supposedly extra-safe big brother), your network is under greater threat than with AES encryption. For this reason, NIST will officially retire triple DES in 2023.

What Are the Risks Associated With AES?

AES is a robust encryption method, but it’s not perfect. Even though there haven’t been any successful attempts to break this layer, technological breakthroughs may allow hackers to penetrate the system soon.

Moreover, mistakes can easily happen during the implementation. They can be ideal entry points for cybercriminals.

Hackers can compromise AES encryption keys in several ways:

Related-Key Breaches

There are many password breaching techniques, with brute force attacks being the most common type. It involves a hacker submitting numerous passphrases or passwords, hoping they’ll eventually guess correctly. The perpetrator applies little-to-no planning, which is why this is known as a brute force attack.

By contrast, related-key attacks assault the very encryption key. They require less time and are more likely to succeed.

A related-key attack is effective if the malicious actor is familiar with the relationship between the two keys.

AES systems have been targeted by related-key attacks several times. The most significant attempt was discovered nearly 15 years ago. Cryptographers have since improved key schedules to minimize the risk of data breaches.

Side-Channel Attacks

AES encryption doesn’t protect you from side-channel attacks if you set it up incorrectly. These assaults are security exploits designed to collect data or influence programs of your system by measuring some of its indirect systems.

In simpler terms, they don’t target your code or program directly – they aim to extract cryptographic keys or other sensitive information through hardware leaks. The other name for the hacking attempts is implementation or sidebar attacks.

Known-Key Distinguishing Attacks

Known-key distinguishing attacks are a model that targets symmetric ciphers. The hacker knows one of the keys in the system’s structural property, but only if the transformation to ciphertext isn’t random.

The most famous known-key distinguishing attack took place in 2009. The perpetrator tried to break AES 128 but was unsuccessful. It cracked the eighth block version, but as previously indicated, these key lengths undergo 10 encryption rounds. Hence, the intrusion didn’t pose a significant threat.

Your system is unlikely to fall victim to these attacks for a simple reason – the attacker needs to know your secret key. If you don’t share it with third parties, your network will be immune to these attempts.

Key-Recovery Attacks

Another risk AES encryption encounters is exposure to key-recovery attacks. The adversary may try to recover your cryptographic key to access your system. Still, they’ll need to obtain at least one encrypted and decrypted message, which is unlikely.

A cybercriminal tried to crack AES encryption in 2011 with a key-recovery attack but failed to do so. Although the method is faster than brute force, it still takes too long.

AES Encryption Guarantees Peace of Mind

No encryption is completely secure, but AES encryption is head and shoulders above the rest. Hackers have no time to attempt all possible key combinations to crack the code, and the technology that would accelerate the process doesn’t exist yet.

So, if you run an organization that must protect its customers’ crucial information, don’t take a chance with low-quality encryption. AES is your best bet.



Frequently Asked Questions

How secure is AES Encryption?

AES systems are virtually impervious to brute force attempts since cracking them takes billions of years. Still, there can be some risks if you implement the encryption improperly.

Why do people use AES Encryption?

AES has become the encryption industry standard, as it protects all sorts of digital data. Countless platforms rely on it, such as VPNs, wireless networks, video games, and password managers.

How are AES Encryption keys generated?

There are several ways to generate an AES key. But in most cases, the numbers are provided with a random number generator or key derivation function.

Author: Tibor Moes

Author: Tibor Moes

Founder & Chief Editor at SoftwareLab

Tibor is a Dutch engineer and entrepreneur. He has tested security software since 2014.

Over the years, he has tested most leading antivirus software for Windows, Mac, Android, and iOS, as well as many VPN providers.

He uses Norton to protect his devices, CyberGhost for his privacy, and Dashlane for his passwords.

This website is hosted on a Digital Ocean server via Cloudways and is built with DIVI on WordPress.

You can find him on LinkedIn or contact him here.

Don't take chances online. Protect yourself today:

Best Antivirus Icon - SoftwareLab

Compare Antivirus

Protect your Devices

Best VPN Icon - SoftwareLab

Compare VPN

Protect your Privacy

Or directly visit the #1: